The goal of SteemConnect is to provide a safe way of connecting to the blockchain via 3rd party apps without compromising the security of your private keys and passwords. It’s a simple identity layer built on top of the blockchain allowing users safe access and developers the freedom of not having to handle the authentication system, i.e. managing users’ private keys and encryption. This means that devs won’t have to opensource their projects in order to gain user trust. When connecting to apps in this manner, neither SteemConnect nor the authorised app store the private keys as the posting key is incrypted on your cookie.

How SteemConnect is implemented

SteemConnect works by granting an access token to the requesting app once the application has been approved.
A full tutorial on how to set up an application, request authorisation and grant access can be found here.

Steem Authorisation and OAuth 2

The OAuth protocol allows third party apps to grant limited access to an HTTP service, either on behalf of a resource owner or by allowing the app to obtain access on its own behalf. The authorisation is provided without the private key or password of the user being shared with the third party.
Simplified, the process includes the following steps:

The user is presented with an authorisation link that requests a token from the API

The user has to log in to the service to verify their identity whereupon they will be prompted to authorise the application

The user is redirected to the application redirect URI along with the access token

Once the application has an access token, it may use the token to access the user’s account via the API, limited to the scope of access, until the token expires or is revoked.
A full breakdown of OAuth2 and how it applies to SteemIt and SteemConnect can be found here.

Jussi is a custom-built caching layer for use with steemd and other various services (such as SBDS).

The purpose of this document is to help developers and node operators set up their own jussi node within a docker container.

Intro

Jussi is a reverse proxy that is situation between the API client and the steemd server. It allows node operators to route an API call to nodes that are optimized for the particular call, as if they are all hosted from the same place.

Definition

Imagehoster is a Steem-powered image hosting and proxying service. Any image uploaded to, or proxied through, your Imagehoster has a copy stored within it. This means that the image continues to be available even if 3rd party sites go down or change their URLs. For as long as your instance of imagehoster is running the image will be available, anytime you need it.

The purpose of this tool is to provide a way to host and proxy images used by condenser to help maintain the privacy of the authors and general users accessing the images.

Using ImageHoster will help limit access to IP addresses of the general user. It will also strip image metadata related to the author’s geographical location. It also helps to verify that the original author uploaded the image they intended.

The ability to upload images on steemit.com was originally added in January, 2017. Please note that this tool does not store any image data on the blockchain.

1. Upload an image

For this to succeed it requires a signature from a Steem account in good standing.

2. Fetch an uploaded image

GET /<image_hash>/<filename>

This downloads a previously uploaded image.

<filename> is optional but can be provided to help users and applications understand the content type (Content-Type header will still always reflect actual image type)

3. Proxy and resize an image

GET /<width>x<hight>/<image_url>

This downloads and serves the provided image_url. Something to note is that a copy will be taken of the image and will be served on subsequent requests, so even if the upstream is removed or changes, you will still get the original from the proxy endpoint.

<width> and <height> can be set to 0 to preserve the image’s dimensions, if they are >0 the image will be aspect resized (down-sample only) to fit.

4. Get user avatar image

GET /u/<username>/avatar/<size>

This presents the avatar for username. If no avatar is set, a default image will be served. This default is set in the service config.

The sizes are:

small - 64x64

medium - 128x128

large - 512x512

The avatars follow the same sizing rules as proxied images, so you not guaranteed to get a square image, just an image fitting inside of the size square

5. Signing uploads

Uploads also require a signature made by a Steem account’s posting authority. The account has to also be above a certain (service configurable) reputation threshold.

While providing direct interfaces to several pluggable storage architectures that may be used for querying the blockchain, sbds may also be used as a lower level API upon which other applications can be built.